Cyber risks to Australia’s election integrity
- 08 May, 2019 10:34
The increasing digitisation of our world has transformed the way in which we live and work. Although living in an increasingly connected world has produced many benefits it has also created new challenges. One being the unrelenting risk of cyber crime which is perpetually on the rise. Not only are the types of cyber threats increasing, so too are the number of cyber criminals.
Rising geopolitical tensions and an expanding attack surface have left governments and businesses more vulnerable than ever to targeted cyber attacks. The 2018 Global Business Risks report from the World Economic Forum ranks cyber attacks as the No. 3 global risk in terms of likelihood, behind extreme weather events and natural disasters. A recent study commissioned by Tenable from the Ponemon Institute found that nearly two thirds (62 per cent) of organisations polled had suffered two or more cyberattacks over the past two years.
Earlier this year, we witnessed the hacking of Parliament House’s email server, which exposed vulnerabilities in Australia’s digital infrastructure, reflecting how this issue is not only impacting Australian businesses, but national security and ultimately civilians too. With the federal election set to take place on May 18, there are a growing number of concerns that bad actors could hack the Australian Electoral Commission (AEC).
A welcome boost
As awareness surrounding such cyber threats increases, the government has committed to bolster security and protect the upcoming election from compromise. According to the Budget papers, “The government will provide funding to enhance cyber security for whole-of-government systems in relation to the federal election, and to mitigate potential cyber threats through enhanced monitoring and response capabilities”.
This ongoing watch over vital systems and critical information will aim to ensure the integrity of the election is maintained. This investment by the government reflects a strategic focus on national security and is an important step in identifying and remediating potential vulnerabilities in existing systems and safeguarding the election from foreign interference.
Out with the old, in with the new
The government, as part of the Federal Budget, has also handed down $10.8 million to the AEC in a bid to “scope the deployment of new polling place technology and upgrades to its ageing core ICT infrastructure”. More often than not, legacy infrastructure wasn’t designed with safety measures to protect them from the variety of vulnerabilities that are present today.
And the number of vulnerabilities emerging increases every day. According to the National Vulnerability Database, there were 16,500 new vulnerabilities disclosed in 2018 alone. At the same time, many legacy systems also operate on out-of-date operating systems for which no patches are available leaving them vulnerable to being exploited.
Last year, Alastair McGibbon, the government’s chief cyber security coordinator, went on record and stated that a catastrophic cyber incident is the greatest existential threat we face as a society today. With May’s election looming, this renewed focus will bolster Australia’s cybersecurity capability and go a long way in assuring the Australian people of the cyber resilience of democracy. I encourage all political parties to continue to prioritise cybersecurity now and well into the future.
Bede Hackney is ANZ country manager at Tenable.